Download presentation
Presentation is loading. Please wait.
Published byGary Lane Modified over 9 years ago
1
Configuration verification: A missing link toward fully verified networks Ratul Mahajan Microsoft Research With: Ari Fogel, Stanley Fung, Ramesh Govindan, Todd Millstein, Luis Pedrosa, Meg Walraed-Sullivan
2
Networks are unreliable Unreliability is expensive
3
(An old) vision
4
But what does it mean? Hardware Forwarding software Data plane state Router runtime Configuration
5
Why configuration (verification) is hard? Low-level, per-device configuration Multiple routing protocols Redistribution across protocols Access control and isolation n1 n2 n3 C P p1 c1 c2 10.0.0.0/24 2.2.2.0/24 3.3.3.0/24 n4 N
6
Approaches for configuration analysis Data plane state Router runtime Configuration
7
Batfish n1 n2 n3 C P p1 c1 c2 10.0.0.0/24 2.2.2.0/24 3.3.3.0/24 n4 N [A generalized approach to network configuration analysis, NSDI 2015]
8
Demo
9
Results on two university networks PS. Wrt the prefix that was dual-assigned from yesterday, one of my NOC guys stopped by today to ask what voodoo I was using to find such things - Email from the head of the Net1 NOC
10
Implications It is possible to build a declarative model of existing networks – Can aid transition to SDNs – Can capture network management activity across time – Can capture network’s computation and its complexity https://github.com/arifogel/batfish
11
Toward fully verified networks ? Hardware Forwarding software Data plane state Router runtime Configuration Management plane Data plane computation …. Protocol interactions
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.